Skip to content

Instantly share code, notes, and snippets.

@geosharma
Last active November 30, 2021 12:14

Revisions

  1. geosharma renamed this gist Sep 13, 2017. 1 changed file with 0 additions and 0 deletions.
    File renamed without changes.
  2. geosharma created this gist Sep 13, 2017.
    330 changes: 330 additions & 0 deletions new_file0
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,330 @@
    # Notes on Arch Linux installation
    ### Key features:
    BIOS, GPT, encryption, btrfs, xfs. encrypted btrfs root, unencrypted xfs `/home`

    This was created to document the procedures followed during the installation of Arch Linux. This is intended to act as a guide in the event a full installation is required in the future. This is primarily for my own use. I plan to document each step with code. If anyone finds this helpful, then please use it at your own risk, I assume no responsibility for any damage incurred from following these notes. I would recommend that you follow the [Arch Linux Installation Guide](https://wiki.archlinux.org/index.php/installation_guide) and the Arch Linux wikis, rather than these set of notes.

    ## Setup
    * Computer: HP DV6000
    * Hard disk: 230 SSD

    ## References:
    In addition to the Arch Linux Installation Guide, webpages and blogs listed below were very helpful:

    * [Fitzcarraldo's Blog](https://fitzcarraldoblog.wordpress.com/2017/02/10/partitioning-hard-disk-drives-for-bios-mbr-bios-gpt-and-uefi-gpt-in-linux/)
    * [Mathletic ](https://tincman.wordpress.com/2011/01/20/installing-arch-linux-onto-a-gpt-partitioned-btrfs-root-ssd-on-a-legacy-bios-system/)
    * [gutoandreollo](https://gist.github.com/gutoandreollo/e12455886149a6c85a70)
    * [bparmentier](https://github.com/bparmentier/www/blob/master/posts/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.md)
    * [stafwag blog](http://stafwag.github.io/blog/blog/2016/08/30/arch-on-an-encrypted-btrfs-partition/)
    * [BrainDump](https://mzanfardino.wordpress.com/2012/05/24/repairing-broken-arch-linux/)

    ## GPT partitioned SSD with BIOS
    Based on the references, the SSD was formatted as shown below. For no particular reason, I wanted the `/` partition on *btrfs* and `/home` on *XFS*, as I read is done in openSUSE.
    * BIOS boot: 1MiB, Code:EF02, Flags:bios_grub,
    * boot: 512 MB, Code:8300, Flags:None
    * swap: 6 GB, Code:8200, Flags:None
    * root: 66 GB, Code:8300, Flags:None, Attribute: 2 (in expert mode)
    * home: rest, Code:8300, Flags:None
    * 1.00 MiB at the end of the disk

    [Gparted](https://gparted.org/liveusb.php) live usb can be used for partitioning the harddisk. The instructions for creating a live usb can be found at their website. [tuxboot](http://tuxboot.org/download/) can be used to create the bootable usb. The squence of commands for partitioning in **gparted** commandline are presented below:

    ```
    sudo gdisk /dev/sda
    o, y
    n, 1, [enter], +1M, ef02
    n, 2, [enter], +512M, [enter]
    n, 3, [enter], +6G, 8200
    n, 4, [enter], +65G, [enter]
    n, 5, [enter], -1M, [enter]
    x, a, 4, 2, [enter]
    w, Y
    ```

    ## File systems
    * BIOS boot: unformatted, location: /dev/sda1
    * boot: File system: ext4, Label: boot location: /dev/sda2
    * swap: File system: linux-swap, Label: swap location: /dev/sda3
    * root: File system: btrfs, Label: root location: /dev/sda4
    * home: File system: xfs, Label: home location: /dev/sda5
    The sequence of commands to create the file systems were:

    ```
    sudo mkfs.ext4 -L "bios" /dev/sda2
    sudo mkswap -L "swap" /dev/sda3
    sudo mkfs.btrfs -L "root" /dev/sda4
    sudo mkfs.xfs -L "home" /dev/sda5
    ```
    These steps can be performed with the ARCH installation image, however using **gparted** gives the option of visualisation in the gui.

    ## Making Arch Live USB
    Download the image from the website and write the image using [USBWriter](https://sourceforge.net/projects/usbwriter/). It is one of the recommended writers. Boot with Arch live usb.

    ## Steps from Arch Linux Installation Guide
    Once again the **Installation Guide** is the correct document to follow.

    ### Internet connection
    If the device has no wired connection, to get the wireless working follow [Wireless network configuration](https://wiki.archlinux.org/index.php/Wireless_network_configuration). These were the sequence of commands for inspection and setting up the wireless connection. Use `ip link` to determine wireless interface. The wireless interface was `wlp2s0`. If using wireless then stop the *dhcpcd* daemon for wired connection.

    ```
    systemctl stop dhcpcd@ Tab
    lspci -k
    ip link
    ip link set wlp2s0 up
    iw dev wlp2s0 scan | less
    wpa_supplicant -i wlp2s0 -c < (wpa_passphrase "SSID" "key")
    ```
    *wlp2s0* was the wireless interface. If connection to wireless is successful use `Ctrl+c` to quit *wpa_supplicant* and add `-B` switch to run the command in background.

    ```
    wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
    iw dev wlp2s0 link
    dhcpcd wlp2s0
    ```
    ### Update system clock
    ```
    timedatectl set-ntp true
    timedatectl set-timezone America/Kentucky/Louisville
    timedatectl set-local-rtc true
    ```

    ### Disk partition
    Partition the disk as desired.

    ### Format partitions
    Format each of the partitions as desired.

    ### Prepare encrypted partition
    ```
    cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda4
    cryptsetup luksOpen /dev/sda4 cryptroot
    mkfs.btrfs /dev/mapper/cryptroot
    mount -o noatime,compress=lzo,discard,ssd,defaults /dev/mapper/cryptroot /mnt
    ```

    Create btrfs subvolumes

    ```
    cd /mnt
    btrfs subvolume create __active
    btrfs subvolume create __active/rootvol
    btrfs subvolume create __active/var
    btrfs subvolume create __snapshots
    ```

    System configuration

    ```
    cd
    umount /mnt
    mount -o subvol=__active/rootvol /dev/mapper/cryptroot /mnt
    mkdir /mnt/{home,var}
    mount -o inode64,nobarrier /dev/sda5 /mnt/home
    mount -o subvol=__active/var /dev/mapper/cryptroot /mnt/var
    mkdir /mnt/boot
    mount /dev/sda2 /mnt/boot
    sync
    ```
    ### Install System
    ```
    pacstrap /mnt base base-devel btrfs-progs
    ```
    ### Generate fstab
    ```
    genfstab -U -p /mnt >> /mnt/etc/fstab
    ```
    Chroot into the new System
    ```
    arch-chroot /mnt
    ```
    ### Set time zone
    ```
    ln -sf /usr/share/zoneinfo/America/Kentucky/Louisville /etc/localtime
    hwclock --systohc
    ```
    ### Locale
    Uncomment `en_US.UTF-8 UTF-8` in `/etc/locale.gen`
    ```
    locale-gen
    ```
    Set `LANG` variable in *locale.conf*
    ```
    nano /etc/locale.conf
    LANG=en_US.UTF-8
    ```
    ### Hostname
    Create the *hostname* file
    ```
    nano /etc/hostname
    myhostname
    ```
    Add a matching entry to *hosts*
    ```
    nano /etc/hosts
    127.0.0.1 localhost.localdomain localhost
    ::1 localhost.localdomain localhost
    127.0.1.1 myhostname.localdomain myhostname
    ```
    ### Network configuration
    Install `iw` and `wpa_supplicant` for wireless configureation because these packages are not available after fresh install.

    ### Initramfs
    Modify to *mkinitcpio.conf* to include:
    * MODULES="aes_x86_64"
    * BINARIES="/user/bin/btrfsck"
    * HOOKS="...... encrypt filesystems ... btrfs"
    Add the *encrypt* hook before *filesytems* and *btrfs* at the end and remove the *fsck* hook
    ```
    nano /etc/mkinitcpio.conf
    HOOKS="base udev autodetect modconf block encrypt filesystems keyboard btrfs"
    ```
    Save the file and run
    ```
    mkinitcpio -p linux
    ```
    ### Password
    'root' password

    ```
    passwd
    ```
    ### Bootloader
    Install grub
    ```
    pacman -Syu grub
    grub-install --target=i386-pc /dev/sda2
    ```
    Create *grub.cfg*

    Add encrypted root partition to *GRUB_CMDLINE_LINUX=* in '/etc/default/grub'
    ```
    nano /etc/default/grub
    GRUB_CMDLINE_LINUX=""crytpdevice=/dev/sda4:cryptroot""
    ```
    Save the file and generate *grub.cfg*
    ```
    grub-mkconfig -o /boot/grub/grub.cfg
    ```
    Reboot

    ## Post installation
    Log in as `root` with the root password from above.

    ### Configure network
    Since I was using wireless network
    ```
    ip link set wlp2s0 up
    iw dev wlp2s0 scan | less
    wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
    dhcpcd wlp2s0
    ```
    ### Add user
    Add your username and password. If 'archie' is the desired username then:
    ```
    useradd -m -G wheel -s /bin/bash archie
    passwd archie
    ```

    ### Sudo
    Change the default editor from `visudo` to `nano`. Since the user was already added to the *wheel* group, `sudo` was configured to allow members of the *wheel* group sudo access.
    ```
    EDITOR=nano visudo
    ```
    Uncomment the line
    ```
    %wheel All=(ALL) ALL
    ```
    Logout and then login as *user* with *user password*. Test `sudo` with `pacman`

    ### Enable Multilib
    Allows users to run 32-bit applications on 64-bit installation of Arch Linux.

    Uncomment `[multilib]` section in `/etc/pacman.conf`
    ```
    [multilib]
    Include = /etc/pacman.d/mirrorlist
    ```
    ### Wayland
    ```
    sudo pacman -Syu weston
    sudo pacman -S xorg-server-xwayland
    ```
    ### Display manager
    Use GNOME display manager
    ```
    sudo pacman -S gdm
    sudo systemctl enable gdm.service
    ```
    ### Install GNOME DE
    ```
    sudo pacman -S gnome gnome-extra
    ```

    ### Mircocode update
    ```
    sudo pacman -S intel-ucode
    grub-mkconfig -o /boot/grub/grub.cfg
    ```

    ### Network using netctl
    Create a profile in `/etc/netctl` by copying and editing one of the examples in `/etc/netctl/examples/`. Also to obfuscate wireless passphrase use `wpa_passphrase` to compute the 256-bit PSK. An example from the [netctl](https://wiki.archlinux.org/index.php/Netctl) is given below. For example if the *essid* is *highway* and the *passphrase* is *alongandwindingroad*:
    ```
    wpa_passphrase highway alongandwindingroad
    ```
    The output will be as follows:
    ```
    network={
    ssid="highway"
    #psk="alongandwindingroad"
    psk=b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
    }
    ```
    Edit one of the example files as shown below for the example given above and save with an appropriate file name `wireless-wpa_highway`
    ```
    Description='A simple WPA encrypted wireless connection using 256-bit PSK'
    Interface=wlp2s2
    Connection=wireless
    Security=wpa
    IP=dhcp
    ESSID='highway'
    Key=\"b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
    ```
    Test the created profile
    ```
    sudo netctl start wireless-wpa_highway
    ```
    If everything is working then enable the profile to start at boot.
    ```
    netctl enable wireless-wpa_highway
    ```
    If netctl keeps failing then one of the reasons could be that `dhcpcd.service` is enabled. Disalbe the `dhcpcd.service` as 'netctl' will handle *dhcp*
    ```
    sudo systemctl disable dhcpcd.service
    ```

    ### Others
    The Grub graphics was not very pleasant. Adjusted the framebuffer resolution in `/etc/default/grub`
    ```
    GRUB_GFXMODE=1280x800x32,auto
    GRUB_GFXPAYLOAD_LINUX=keep
    ```
    After saving the changes
    ```
    grub-mkconfig -o /boot/grub/grub.cfg
    ```
    Changed Grub theme to [arch-silence](https://aur.archlinux.org/packages/grub2-theme-archlinux/)

    ### Add and arrange the minimize, maximize and close button in Gnome
    ```
    gsettings set org.gnome.shell.overrides button-layout close,minimize,maximize
    ```
    ### Roaming wireless using netctl
    This needs verification.
    * install *wpa_actiond*
    ```
    # pacman -S wpa_actiond
    ```
    * Enable the *interface*
    ```
    sudo systemctl enable netctl-auto@wlp2s0.service
    ```